CVSS: 6.8EPSS: 4%CPEs: 1EXPL: 2CVE-2008-1942
https://notcve.org/view.php?id=CVE-2008-1942
Foxit Reader 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with (1) a malformed ExtGState resource containing a /Font resource, or (2) an XObject resource with a Rotate setting, which triggers memory corruption. NOTE: this is probably a different vulnerability than CVE-2007-2186. El Foxit Reader 2.2 permite a los atacantes remotos causar una denegación de servicio (caida) y posiblemente la ejecución de código arbitrario mediante un fichero PDF con (1) un recurso ExtGState mal construido conteniendo un recurso /Font o (2) un recurso XObject con configuración Rotate, con iniciadores de corrupción de memoria. NOTA: esta es, probablemente, una vulnerabilidad distinta a CVE-2007-2186 • http://secunia.com/advisories/29934 http://www.securityfocus.com/bid/28890 http://www.vallejo.cc/proyectos/foxitreader1.htm http://www.vallejo.cc/proyectos/foxitreader2.htm http://www.vupen.com/english/advisories/2008/1327/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41972 https://exchange.xforce.ibmcloud.com/vulnerabilities/41973 • CWE-20: Improper Input Validation •